Field
This invention relates generally to ecommerce platforms and solutions.
Background
Ecommerce is the business conducted over the internet using any of the applications that rely on internet. E-mail, Web Services, and Online Shopping all fall under ecommerce.
Privacy is one of the most complex issues faced by ecommerce ventures today. Most sites actively collect user information from users regarding their personal information. End users are supposed to fill out certain forms which require information private to them.
Many online purchasers are concerned about the disclosure of personal information, such as personal ID information, credit card information, full name, date of birth and the like to vendors (merchants) or intermediaries who sell or promote goods and services of third parties directly through their own websites, or indirectly through the websites of others.
Purchasers fear that their information might be shared with or used unethically or illegally by other organizations and/or companies, and that they may be spammed with unnecessary marketing or promotional material.
Purchasers are also afraid that the personal information provided to the seller is being intercepted and at risk.
There is also the fear that past visited browsing activities can be tracked by the newly visited (linked to) site, by the latter's access to cookie type information. One concern with being tracked is that the price quoted by a merchant may be different (higher) than that quoted to visitors to the site whose cookie profile shows them to have, for example, visited other shopping sites.
On the merchant side, the fact that a potential customer fears sharing information online with merchants also works against the merchants. Merchants are equally harmed when customers refuse do give financial information, or do so only after talking with a live person at the merchant's end. A live person increases a business' transactional costs which must then be built into its price (bad for consumer) or absorbed by the merchant (bad for merchant).
In short, ecommerce privacy concerns pose problems for both customers and vendors alike. Studies have shown that customers prefer to do business with a site operated by a trusted company or organization, as they feel more secure that their information is both not shared inappropriately or at risk of being misused.
A very legitimate concern is the common policy of ecommerce sites to distribute/sell their customer lists to third parties who in turn generate unwanted targeted e-mails to those customers.
Cookies:
As mentioned above, cookies and cookie tracking is a widely common ecommerce practice. Cookies are important as they allow vendors to recognize return customers and allow financial and non-financial information to be provided by the customer in a more expedient manner, often translating into an improved online purchase experience.
Cookies are also critical to certain affiliate marketing schemes as they provide a means for affiliates to ensure a commission is earned even after a purchaser clicks though the affiliate banner or only to exit the affiliate's site and return later to purchase direct from the merchant site.
In addition, cookies make it possible for any ecommerce website that requires personalized customer information to not have to require the customer to retype this information every time. Unfortunately, if a vendor can access a computer hard drive to retrieve a stored profile so can a hacker.
In short, a cookie is a message given to a web browser by a web server. The browser stores the cookie in a text file. The cookie is then sent back to the server each time the browser requests a page from the server. The main purpose of a cookie is to identify users and possibly prepare customized web pages for them.
A cookie can be transient (used just for the lifetime of the browser session) or persistent. A persistent cookie is stored to permanent storage so that it is available the next time the user starts a web browser.
Because of privacy concerns expressed by many citizens around the globe, more and more privacy laws are being adopted with an arm at protecting internet users from rogue sites and hackers by severely restricting the ease by which cookies and cookie tracking were being employed in past. For vendors doing business globally, this may mean having a strict cookie use policy. For the customer, it may mean a diminished online purchase experience.
A cookie is used basically in two ways: tracking users and authenticating users. Advertisers such as Amazon use cookies to track users as well as to (i) deliver targeted advertising, and (ii) to track users' movements between websites because the first banner-ad presented to users can set a cookie containing a unique identifier.
As potential customers browse through ads and other banners which create cookies, an advertiser is able to construct a profile about users from the stored cookies.
Cookies can also authenticate users for multi-step web transactions. For example, WSJ.com sets a cookie to identify users after login. This allows user to download content from WSJ.com without having to re-enter a password.
Ecommerce sites also use cookies to associate users with a shopping cart. In all cases, a valid cookie will grant access to data about users. Unlike tracking cookies, it is very important that authentication cookies be protected from exposure and forgery.
Unfortunately, cookies were not designed with such protections in mind, and there is no standard mechanism to establish the integrity of a cookie returned by a browser.
Most sites do not use cryptography to prevent forgery of cookie-based authenticators. The unsafe practice of storing usernames or ID numbers in cookies illustrates this. In such a scheme, anyone can impersonate a user by substituting the victim's username or ID number in the cookie. Even schemes that do use cryptography often crumble under weak cryptanalytic attacks.
To protect against the exposure of personal data online, the recommended defense is for customers simply not to shop online, or to not register with online services that use unsafe cookie-based authentication. This is of course not realistic.
Recommender Systems:
In addition to use of cookies, ecommerce sites commonly employ recommender systems. Recommender systems are used by ecommerce sites to suggest products to their customers. The products can be recommended based on the top overall sellers on a site, based on the demographics of the customer, or based on an analysis of the past buying behavior of the customer as a prediction for future buying behavior. Broadly, these techniques are part of personalization on a site, because they help the site adapt itself to each customer.
Recommender systems enhance ecommerce sales in the following three ways:
Browsers into buyers: Visitors to a Website often look over the site without ever purchasing anything. Recommender systems can help customers find products they wish to purchase.
Cross-sell: Recommender systems improve cross-sell by suggesting additional products for the customer to purchase. If the recommendations are good, the average order size should increase. For instance, a site might recommend additional products in the checkout process, based on those products already in the shopping cart.
Loyalty: In a world where a site's competitors are only a click or two away, gaining customer-loyalty is an essential business strategy.
Accordingly, recommender systems provide benefits to both merchants and customers. Unfortunately, recommender systems make possible for merchants to discriminate against customers based on, for example, a predicted price sensitivity of purchaser. For instance, one customer might be willing to purchase the product at a price that would earn the site ten cents of profit, while another customer might purchase the same product at a one dollar profit. Purchasers' legitimate concern over possible discrimination works against those merchants who are not discriminating.
There is a need for cookie-free ecommerce solutions that provide a positive, customer-convenient experience.
In addition, there is a need for a more secure online purchasing transaction model which addresses concerns with regard to cookies generally, as well as the unauthorized and impermissible use of profile information which one may be asked to share with an untrusted vendor or service provider.
Furthermore, there is a need for an ecommerce platform that overcomes the business, ethical and legal problems of conventional ecommerce solutions. At the same time, this ecommerce platform must be flexible enough to allow purchasers to be able to receive trusted promotions and enjoy incentives and awards for conducting business online.